const express = require('express');
const carouselController = require('./../controllers/carouselController');
const authController = require('./../controllers/authController');
const router = express.Router({ mergeParams: true });

// 需要管理员的权限保护
router.use(authController.protect);
router.route('/').get(carouselController.getAllCarousels).post(
  // authController.restrictTo('admin'),
  carouselController.createCarousel
);
router.route('/:id').delete(carouselController.deleteCarousel);
module.exports = router;
